<?php

!defined('IN_DISCUZ') && exit('Access Denied');

class plugin_touclick {

	public $cvars = array();
	public $cvarsmod = array();
	public $sitekey = "";
	
	function  __construct() {
		global $_G;
		$this->cvars = $_G['cache']['plugin']['touclick'];
		$this->cvars['enable'] = (array)unserialize($this->cvars['enable']);
		$this->cvarsmod = $this->cvars['enable'];
		$this->cvars['gids'] = (array)unserialize($this->cvars['gids']);
		if(!in_array($_G['groupid'], $this->cvars['gids'])) $this->cvars['enable'] = array();
		$this->sitekey = trim($this->cvars['sitekey']);
		if(strlen($this->sitekey) != 36 && $this->sitekey != ""){
			$touclickplID = DB::result_first("SELECT pluginid FROM ".DB::table('common_plugin')." where identifier = 'touclick'");
			DB::update("common_pluginvar", array('value' => '' ), "pluginid = '".$touclickplID."' and variable = 'sitekey'");
			DB::update("common_pluginvar", array('value' => '' ), "pluginid = '".$touclickplID."' and variable = 'identity'");
			require_once (DISCUZ_ROOT.'./source/function/function_cache.php');
			updatecache(array('plugin', 'setting', 'styles'));
		}
	}
	
	function _check() {
		global $_G;
		if($this->cvars['stats']){
			if(empty($_POST["touclickPSI"]) || strlen($_POST["touclickPSI"]) < 10){
				return false;
			}else{
				if(function_exists("save_syscache")){
					$this->riskcheck($_G['clientip']);
				}
				
				$uname = diconv($_G['username'], $_G['config']['output']['charset'], "UTF-8");
				
		        require_once (DISCUZ_ROOT.'./source/plugin/touclick/func/touclick_request.func.php');
				$touclickPSI = $_POST["touclickPSI"];
				$touclickPSB = trim($this->cvars['sitekey']);
				$touclickPSC = $_POST['touclickPSC'];
				$touclickIDE = trim($this->cvars['identity']);
				$urlstr = "/captchacheck.touclick?b=".$touclickPSB
						."&i=".$touclickPSI
						."&c=".$touclickPSC
						."&z=".$touclickIDE
						."&p=".$_G['clientip']
						."&v=v2-1-2"
						."&un=".urlencode($uname)
						."&ud=".$_G['uid'];
				
				$getres = touclick_requestPST("http://test.touclick.com",
						$urlstr
						, array(),80);
				if($getres['status'] == "err"){
					showmessage('&#24744;&#30340;&#26381;&#21153;&#22120;&#19981;&#25903;&#25345;fsockopen&#20989;&#25968;&#65292;&#25110;&#26410;&#25171;&#24320;8092&#31471;&#21475;');
				}
				
				$riskflag =( strpos($getres['content'], '[riskip]') === false );
				if(function_exists("save_syscache")){
					if(!$riskflag){
						$this->addriskip($_G['clientip']);
					}
				}
				$mystring = $getres['content'];
				$findme   = "[yes]";
	 			$pos = strpos($mystring, $findme);
				$result = true;
				if ($pos === false) {
					$result = false;
				}
				return $result;
			}
		}else{
			return true;
		}
	}
	
	function getLenth($instr, $cs){
		$res = "";
		if(function_exists('mb_strlen')){			
			$len = mb_strlen($instr, $cs);
			if($len==0){
				$res = "1   ";
			}elseif($len<=9){
				$res = $len."   ";
			}elseif ($len <=99){
				$res = $len."  ";
			}elseif ($len <=999){
				$res = $len." ";
			}
		}else{
			showmessage("PHP&#26410;&#21551;&#29992;mb_strlen&#20989;&#25968;");
		}
		return $res;
	}
	
	function secreContent($modelStr){
		global $_G;
		$charset = $_G['config']['output']['charset'];
		$charset = ($charset=="utf-8"?"UTF8":$charset);
		$touclickPSB = trim($this->cvars['sitekey']);
		
		$messageTC = trim($_POST['message']);
		$subjectTC = trim($_POST['subject']);
		
		$secreStr = "028 012345678901234567890123456789012345010102030405060708";
		$secreStr .= $this->getLenth($_G['username'], $charset);
		$secreStr .= $this->getLenth("xxx", $charset);
		$secreStr .= $this->getLenth($touclickPSB, $charset);
		$secreStr .= $this->getLenth(getgpc('fid')?getgpc('fid'):"x", $charset);
		$secreStr .= $this->getLenth(getgpc('tid')?getgpc('tid'):"x", $charset);
		$secreStr .= "2   ";
		
		$subjectTC = $subjectTC ? $subjectTC : "reply";
		$messageTC = mb_strlen($messageTC)>256?substr($messageTC,0,250):$messageTC;
		
		$secreStr .= $this->getLenth($subjectTC, $charset);
		$secreStr .= $this->getLenth($messageTC, $charset);
		
		$secreStr .= $_G['username']."xxx".$touclickPSB.(getgpc('fid')?getgpc('fid'):"x").(getgpc('tid')?getgpc('tid'):"x").$modelStr.$subjectTC.$messageTC;
		
		$charset = ($charset=="gbk")?"2":(($charset=="UTF8"?"1":"0"));
		
		$secuData = array(
				"TKTP" => "02",
				"IPCT" => $_G['clientip'],
				"WK" => $touclickPSB,
				"UK" =>  base64_encode($_G['username']),
				"DC" => $charset,
				"PTCL" => base64_encode($secreStr)
		);
		require_once (DISCUZ_ROOT.'./source/plugin/touclick/func/touclick_request.func.php');
		require_once (DISCUZ_ROOT.'./source/plugin/touclick/include/JSON.php');
		$secu = touclick_request("http://content.touclick.com/touclick.secu", $secuData, 80);
		
		$tcJSON = new CJSON();
		$reportTable = $tcJSON->decode($secu['content'], true);
		
		$ret = substr($reportTable["flagStr"], 0, 2);
		if($ret == "04"){
			$keyword = explode("-", base64_decode($reportTable["keywords"]));
			showmessage("&#24744;&#21457;&#34920;&#30340;&#20869;&#23481;&#21547;&#26377;&#25935;&#24863;&#35789; &#8220;<label style='color:#B71616;font-weight:bold;'>".$keyword[1].
					"</label>&#8221;<br/>&#36317;&#20851;&#31105;&#38381;&#36824;&#26377; <label style='color:#42D009;font-weight:bold;'>".$reportTable["countRiskLeft"]."</label> &#27425;&#26426;&#20250;...<br />From: &#28857;&#35302;&#39564;&#35777;&#30721;");
		}elseif($ret == "05"){
			$seconds = $reportTable["timeKill"]/60;
			showmessage("&#20320;&#34987;&#20851;&#20102; <label style='color:#E61111;font-weight:bold;'>".$seconds."</label> &#20998;&#38047;&#30340;&#31105;&#38381;&#65292;&#35831;&#31245;&#21518;&#20877;&#35797;&#65281;<br />
From: &#28857;&#35302;&#39564;&#35777;&#30721;");
		}
	}
	
	function riskcheck($clientIP){
		global $_G;
		loadcache("touclick_risk");
		if($_G['cache']['touclick_risk']){
			$riskip = $_G['cache']['touclick_risk']['riskip'];
			if(array_key_exists($clientIP, $riskip)){
				if(TIMESTAMP > $riskip[$clientIP]){
					if($clientIP != '127.0.0.1'){
						unset($_G['cache']['touclick_risk']['riskip'][$clientIP]);
						save_syscache('touclick_risk', $_G['cache']['touclick_risk']);
					}
				}else{
					showmessage("&#20320;&#30340;IP&#24322;&#24120;!");
				}
			}
		}else{
			save_syscache("touclick_risk", array(
					'riskip'=>array('127.0.0.1'=>'110'),
					'riskuser'=>array('touclickriskusrisopen'=>'1')
				)
			);
		}
	}
	
	function addriskip($clientIP){
		global $_G;
		$risktime = TIMESTAMP+3600;
		loadcache("touclick_risk");
		if($_G['cache']['touclick_risk']){
			$riskip = $_G['cache']['touclick_risk']['riskip'];
			if(array_key_exists($clientIP, $riskip)){
				$_G['cache']['touclick_risk']['riskip'][$clientIP] = $risktime;
				save_syscache('touclick_risk', $_G['cache']['touclick_risk']);
			}else{
				$_G['cache']['touclick_risk']['riskip'] = array_merge($_G['cache']['touclick_risk']['riskip'], array($clientIP => $risktime));
				save_syscache('touclick_risk', $_G['cache']['touclick_risk']);
			}
		}else{
			save_syscache("touclick_risk", array(
			'riskip'=>array($clientIP => $risktime),
					'riskuser'=>array('touclickriskusrisopen' => '1')
				)
			);
		}
		showmessage("&#20320;&#30340;IP&#24322;&#24120;!");
	}
	
	function global_footer(){
		global $_G;
		include template('touclick:tpl_touclick');
		return $return;
	}
	
	function post_infloat_btn_extra(){
		global $_G;
		include template('touclick:tpl_regloge');
		return $return;
	}
	
	function logging_method(){
		global $_G;
		include template('touclick:tpl_regloge');
		return $return;
	}
	
	function register_bottom(){
		global $_G;
		include template('touclick:tpl_regloge');
		return $return;
	}
	
}

class plugin_touclick_portal extends plugin_touclick {
	function __construct() {
		parent::__construct();
	}

	function portalcp_check() {
		global $_G;
		if(in_array('article', $this->cvars['enable'])) {
			if(submitcheck('articlesubmit', 0)) {
				if(!$this->_check()) {
					showmessage('&#35831;&#27491;&#30830;&#28857;&#20987;&#39564;&#35777;&#30721;!');
				}
			}
		}
	}
}

class plugin_touclick_forum extends plugin_touclick {
	function __construct() {
		parent::__construct();
	}

	function post_check() {
		global $_G;
		$action = getgpc('action') == 'newthread' ? 'thread' : 'reply';
		if(trim($_POST['message']) != "" && $_G['member']['groupid'] != 7 && function_exists('mb_strlen')){
			if(function_exists("save_syscache")){
				$this->riskcheck($_G['clientip']);
			}
			if($_G['cache']['touclick_risk']['riskuser']['touclickriskusrisopen']){
				$this->secreContent($action == 'thread' ? '02' : '03');
			}
		}
		if(in_array($action, $this->cvars['enable']) && trim($_POST['message']) != "") {
			
            if(submitcheck($action == 'thread' ? 'topicsubmit' : 'replysubmit', 0)) {   
    			if(!$this->_check($action == 'thread' ? 'thread' : 'reply')) {
    				if(getgpc('touclickIsFloat') == 'ok'){
    					if($action == "thread"){
    						showmessage("<script type='text/javascript' reload='1'>touclickFire('postIF', 2);</script>");
    					}else{
    						showmessage("<script type='text/javascript' reload='1'>touclickFire('postIF', 1);</script>");
    					}
    				}
    				else if(getgpc('touclickPOSTi') != 'ok'){
    					if($action == "thread"){
    						showmessage("<script type='text/javascript' >touclickFire('newFD', 1);</script>");
    					}else{
    						showmessage("<script type='text/javascript' reload='1'>touclickFire('viewthreadFP', 2);</script>");
    					}
    				}else if(getgpc('save') == 1){
    					
    				}else{
    					showmessage("&#24744;&#36991;&#36807;&#20102;&#28857;&#35302;&#39564;&#35777;&#30721;&#65292;&#35831;&#25163;&#21160;&#28857;&#20987;&#21457;&#24086;&#25110;&#22238;&#22797;&#25353;&#38062;&#65281;");
    				}
    			}  			
    		}
		}
	}
}


class plugin_touclick_member extends plugin_touclick {
	function __construct() {
		parent::__construct();
	}

	function register_check() {
		global $_G;
		if(in_array('reg', $this->cvarsmod)) {
			if(submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
				if(!$this->_check()) {
					showmessage('&#35831;&#27491;&#30830;&#28857;&#20987;&#39564;&#35777;&#30721;!');
				}
			}
		}
	}
	
	function logging_check() {
		global $_G;
		if(in_array('login', $this->cvarsmod)) {
			if($this->mycheck('loginsubmit', 0)) {
				if(!$this->_check()) {
					showmessage('&#35831;&#27491;&#30830;&#28857;&#20987;&#39564;&#35777;&#30721;!');
				}
			}
		}
	}
	
	function mycheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0) {
		if(!getgpc($var)) {
			return FALSE;
		} else {
			global $_G;
			if($allowget || ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) ||
					preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST'])))) {
				if(checkperm('seccode')) {
					if($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['sechash'])) {
						showmessage('submit_secqaa_invalid');
					}
					if($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['sechash'])) {
						showmessage('submit_seccode_invalid');
					}
				}
				return TRUE;
			} 
		}
	}
}

?>